Hybrid AD joined rather than Entra ID Joined
A few years ago, when we tentatively started using Intune in our hybrid on-premise AD environment, and most devices were AD-joined rather than AAD-joined, we turned off Windows Hello for Business.
Now that we are in the process of winding down our on-premise configuration, all new devices log into AAD and are configured via Intune. Currently, we are about 65-35% in favour of Intune and should be near 100% by EOFY.
We’d now like to include Windows Hello as part of our security upgrades.
What sort of pain am I facing if I turn it back on, bearing in mind the default is All Users, and I can’t see a way to turn it on for a minimal set of users initially?
Posted by John McGuigan in HTMD FB Group